Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Key Vault Data Protection to dotnet #1076

Merged
merged 7 commits into from
Dec 9, 2024
Merged

Conversation

DrizzlyOwl
Copy link
Collaborator

@DrizzlyOwl DrizzlyOwl commented May 31, 2024

The purpose of this Pull Request is to add aspnet Data Protection services to the webapp. This will ensure that user sessions are secured and persistent across multiple 'instances' of the web app. This is particularly important in Azure where the app is running in containers.

As you will see in the logic of the patch, this is not testable on a local machine due to requiring access to a linux file path and Azure Key Vault Key.

Mounting a network-attached File Share to all the containers that run the app, then storing the session key ring key.xml on the shared file path, will ensure all instances of the app can use the same key for encrypting/decrypting user sessions.

Changes

  • Registers Data Protection services to the app
  • Allows operators to deploy a File Share using Terraform
  • Allows operators to deploy a Key Vault and associated cryptographic Key used to further encrypt the aspnet key ring on the File Share

@DrizzlyOwl DrizzlyOwl force-pushed the feat-data-protection branch 3 times, most recently from 6dcec87 to 7366805 Compare May 31, 2024 13:27

This comment was marked as outdated.

@DrizzlyOwl DrizzlyOwl force-pushed the feat-data-protection branch 2 times, most recently from f7a5276 to 8ec8543 Compare December 2, 2024 12:28
@DrizzlyOwl DrizzlyOwl force-pushed the feat-data-protection branch from 8ec8543 to a6a2de2 Compare December 3, 2024 12:18
@DrizzlyOwl DrizzlyOwl changed the title WIP: Add Data Protection to dotnet Add Key Vault Data Protection to dotnet Dec 3, 2024
Copy link

sonarcloud bot commented Dec 3, 2024

@DrizzlyOwl DrizzlyOwl enabled auto-merge (squash) December 3, 2024 12:54
@DrizzlyOwl DrizzlyOwl disabled auto-merge December 5, 2024 11:21
@DrizzlyOwl DrizzlyOwl merged commit e09afa3 into main Dec 9, 2024
5 checks passed
@DrizzlyOwl DrizzlyOwl deleted the feat-data-protection branch December 9, 2024 10:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants